From: Jan Stancek <jstancek@xxxxxxxxxx> redhat: Use redhatsecureboot701 for ppc64le Forward-port of c9s commit dd9a91221db9 ("redhat: Use redhatsecureboot701 for ppc64le") Conflicts: RHEL has certs stored in system-sb-certs package, but ARK/Fedora has them in tree. When addressing CVE-2022-1665 the ppc64le signing keys were rotated but the kernel itself was not updated to use the new key. Signed-off-by: Patrick Talbert <ptalbert@xxxxxxxxxx> Signed-off-by: Prarit Bhargava <prarit@xxxxxxxxxx> Signed-off-by: Jan Stancek <jstancek@xxxxxxxxxx> diff --git a/redhat/kernel.spec.template b/redhat/kernel.spec.template index blahblah..blahblah 100644 --- a/redhat/kernel.spec.template +++ b/redhat/kernel.spec.template @@ -843,7 +843,7 @@ Source13: redhatsecureboot501.cer %define pesign_name_0 redhatsecureboot302 %endif %ifarch ppc64le -%define pesign_name_0 redhatsecureboot601 +%define pesign_name_0 redhatsecureboot701 %endif %endif # rhel && !eln -- https://gitlab.com/cki-project/kernel-ark/-/merge_requests/2849 -- _______________________________________________ kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue